BCC - Kayan aikin Bincike Mai Tsaru don Kulawa da Ayyukan Linux, Sadarwar Sadarwa da ƙari
BCC (BPF Compiler Collection) ƙaƙƙarfan saiti ne na kayan aikin da suka dace da fayiloli misali don ƙirƙirar hanyoyin gano kwaya da shirye-shiryen magudi. Yana amfani da tsawaita BPF (Berkeley Packet Filters), da farko aka sani da eBPF wanda shine ɗayan sabbin fasalulluka a cikin Linux 3.15.
A zahiri, yawancin abubuwan da BCC ke amfani da su suna buƙatar Linux 4.1 ko sama, kuma abubuwan lura da su sun haɗa da:
- Babu buƙatar tsarin kernel na ɓangare na 3, tunda duk kayan aikin suna aiki akan BPF wanda aka gina a cikin kernel kuma BCC yana amfani da fasalulluka da aka ƙara a cikin jerin Linux 4.x.
- Yana ba da damar lura da aiwatar da software.
- Ya ƙunshi kayan aikin bincike da yawa tare da misalai fayiloli da shafukan mutum.
Mafi dacewa ga masu amfani da Linux na ci gaba, BCC yana sauƙaƙa rubuta shirye-shiryen BPF ta amfani da kayan aikin kernel a cikin C, da gaba-gaba a Python da lua. Bugu da ƙari, yana goyan bayan ayyuka da yawa kamar nazarin ayyuka, saka idanu, sarrafa zirga-zirgar hanyar sadarwa da ƙari mai yawa.
Yadda ake Sanya BCC a cikin Linux Systems
Ka tuna cewa BCC tana amfani da fasalulluka da aka ƙara a cikin sigar kernel na Linux 4.1 ko sama, kuma a matsayin buƙatu, yakamata a haɗa kernel tare da tutocin da aka saita a ƙasa:
CONFIG_BPF=y CONFIG_BPF_SYSCALL=y # [optional, for tc filters] CONFIG_NET_CLS_BPF=m # [optional, for tc actions] CONFIG_NET_ACT_BPF=m CONFIG_BPF_JIT=y CONFIG_HAVE_BPF_JIT=y # [optional, for kprobes] CONFIG_BPF_EVENTS=y
Don bincika tutocin kwaya, duba fayil /proc/config.gz ko gudanar da umarni kamar a cikin misalan da ke ƙasa:
[email ~ $ grep CONFIG_BPF= /boot/config-`uname -r` CONFIG_BPF=y [email ~ $ grep CONFIG_BPF_SYSCALL= /boot/config-`uname -r` CONFIG_BPF_SYSCALL=y [email ~ $ grep CONFIG_NET_CLS_BPF= /boot/config-`uname -r` CONFIG_NET_CLS_BPF=m [email ~ $ grep CONFIG_NET_ACT_BPF= /boot/config-`uname -r` CONFIG_NET_ACT_BPF=m [email ~ $ grep CONFIG_BPF_JIT= /boot/config-`uname -r` CONFIG_BPF_JIT=y [email ~ $ grep CONFIG_HAVE_BPF_JIT= /boot/config-`uname -r` CONFIG_HAVE_BPF_JIT=y [email ~ $ grep CONFIG_BPF_EVENTS= /boot/config-`uname -r` CONFIG_BPF_EVENTS=y
Bayan tabbatar da tutocin kwaya, lokaci yayi da za a shigar da kayan aikin BCC a cikin tsarin Linux.
Fakitin dare ne kawai aka ƙirƙira don Ubuntu 16.04, amma umarnin shigarwa yana da sauƙi. Babu buƙatar haɓaka kwaya ko haɗa shi daga tushe.
$ echo "deb [trusted=yes] https://repo.iovisor.org/apt/xenial xenial-nightly main" | sudo tee /etc/apt/sources.list.d/iovisor.list $ sudo apt-get update $ sudo apt-get install bcc-tools
Fara ta hanyar shigar da 4.3+ Linux kernel, daga http://kernel.ubuntu.com/~kernel-ppa/mainline.
A matsayin misali, rubuta ƙaramin rubutun harsashi “bcc-install.sh” tare da abubuwan da ke ƙasa.
Lura: sabunta ƙimar PREFIX zuwa sabuwar kwanan wata, sannan kuma bincika fayilolin da ke cikin PREFIX url da aka bayar don samun ainihin ƙimar REL, musanya su a cikin rubutun harsashi.
#!/bin/bash VER=4.5.1-040501 PREFIX=http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.5.1-wily/ REL=201604121331 wget ${PREFIX}/linux-headers-${VER}-generic_${VER}.${REL}_amd64.deb wget ${PREFIX}/linux-headers-${VER}_${VER}.${REL}_all.deb wget ${PREFIX}/linux-image-${VER}-generic_${VER}.${REL}_amd64.deb sudo dpkg -i linux-*${VER}.${REL}*.deb
Ajiye fayil ɗin kuma fita. Sanya shi mai aiwatarwa, sannan gudanar da shi kamar yadda aka nuna:
$ chmod +x bcc-install.sh $ sh bcc-install.sh
Bayan haka, sake kunna tsarin ku.
$ reboot
Na gaba, gudanar da umarnin da ke ƙasa don shigar da fakitin BCC da aka sa hannu:
$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys D4284CDD $ echo "deb https://repo.iovisor.org/apt trusty main" | sudo tee /etc/apt/sources.list.d/iovisor.list $ sudo apt-get update $ sudo apt-get install binutils bcc bcc-tools libbcc-examples python-bcc
Shigar da kernel 4.2+ daga http://alt.fedoraproject.org/pub/alt/rawhide-kernel-nodebug, idan tsarin ku yana da siga ƙasa da abin da ake buƙata. A ƙasa akwai misalin yadda ake yin hakan:
$ sudo dnf config-manager --add-repo=http://alt.fedoraproject.org/pub/alt/rawhide-kernel-nodebug/fedora-rawhide-kernel-nodebug.repo $ sudo dnf update $ reboot
Bayan haka, ƙara ma'ajiyar kayan aikin BBC, sabunta tsarin ku kuma shigar da kayan aikin ta aiwatar da jerin umarni na gaba:
$ echo -e '[iovisor]\nbaseurl=https://repo.iovisor.org/yum/nightly/f23/$basearch\nenabled=1\ngpgcheck=0' | sudo tee /etc/yum.repos.d/iovisor.repo $ sudo dnf update $ sudo dnf install bcc-tools
Ya kamata ku fara da haɓaka kernel ɗin ku zuwa aƙalla sigar 4.3.1-1, daga baya shigar da fakitin da ke ƙasa ta amfani da kowane manajan fakitin Arch kamar pacaur, yaourt, cower, da sauransu.
bcc bcc-tools python-bcc python2-bcc
Yadda Ake Amfani da Kayan aikin BCC a cikin Tsarin Linux
Ana shigar da duk kayan aikin BCC a ƙarƙashin kundin adireshi /usr/share/bcc/kayan aiki
. Koyaya, zaku iya sarrafa su a madadin BCC Github ma'ajiyar a ƙarƙashin /kayan aiki
inda suka ƙare tare da tsawo .py
.
$ ls /usr/share/bcc/tools argdist capable filetop offwaketime stackcount vfscount bashreadline cpudist funccount old stacksnoop vfsstat biolatency dcsnoop funclatency oomkill statsnoop wakeuptime biosnoop dcstat gethostlatency opensnoop syncsnoop xfsdist biotop doc hardirqs pidpersec tcpaccept xfsslower bitesize execsnoop killsnoop profile tcpconnect zfsdist btrfsdist ext4dist mdflush runqlat tcpconnlat zfsslower btrfsslower ext4slower memleak softirqs tcpretrans cachestat filelife mysqld_qslower solisten tplist cachetop fileslower offcputime sslsniff trace
Za mu kawo wasu misalai a ƙarƙashin - sa ido kan ayyukan tsarin Linux na gabaɗaya da hanyar sadarwa.
Bari mu fara da gano duk bude()
syscalls ta amfani da opensnoop. Wannan yana ba mu damar gaya mana yadda aikace-aikace daban-daban ke aiki ta hanyar gano fayilolin bayanan su, daidaita fayilolinsu da ƙari da yawa:
$ cd /usr/share/bcc/tools $ sudo ./opensnoop PID COMM FD ERR PATH 1 systemd 35 0 /proc/self/mountinfo 2797 udisksd 13 0 /proc/self/mountinfo 1 systemd 35 0 /sys/devices/pci0000:00/0000:00:0d.0/ata3/host2/target2:0:0/2:0:0:0/block/sda/sda1/uevent 1 systemd 35 0 /run/udev/data/b8:1 1 systemd -1 2 /etc/systemd/system/sys-kernel-debug-tracing.mount 1 systemd -1 2 /run/systemd/system/sys-kernel-debug-tracing.mount 1 systemd -1 2 /run/systemd/generator/sys-kernel-debug-tracing.mount 1 systemd -1 2 /usr/local/lib/systemd/system/sys-kernel-debug-tracing.mount 2247 systemd 15 0 /proc/self/mountinfo 1 systemd -1 2 /lib/systemd/system/sys-kernel-debug-tracing.mount 1 systemd -1 2 /usr/lib/systemd/system/sys-kernel-debug-tracing.mount 1 systemd -1 2 /run/systemd/generator.late/sys-kernel-debug-tracing.mount 1 systemd -1 2 /etc/systemd/system/sys-kernel-debug-tracing.mount.wants 1 systemd -1 2 /etc/systemd/system/sys-kernel-debug-tracing.mount.requires 1 systemd -1 2 /run/systemd/system/sys-kernel-debug-tracing.mount.wants 1 systemd -1 2 /run/systemd/system/sys-kernel-debug-tracing.mount.requires 1 systemd -1 2 /run/systemd/generator/sys-kernel-debug-tracing.mount.wants 1 systemd -1 2 /run/systemd/generator/sys-kernel-debug-tracing.mount.requires 1 systemd -1 2 /usr/local/lib/systemd/system/sys-kernel-debug-tracing.mount.wants 1 systemd -1 2 /usr/local/lib/systemd/system/sys-kernel-debug-tracing.mount.requires 1 systemd -1 2 /lib/systemd/system/sys-kernel-debug-tracing.mount.wants 1 systemd -1 2 /lib/systemd/system/sys-kernel-debug-tracing.mount.requires 1 systemd -1 2 /usr/lib/systemd/system/sys-kernel-debug-tracing.mount.wants 1 systemd -1 2 /usr/lib/systemd/system/sys-kernel-debug-tracing.mount.requires 1 systemd -1 2 /run/systemd/generator.late/sys-kernel-debug-tracing.mount.wants 1 systemd -1 2 /run/systemd/generator.late/sys-kernel-debug-tracing.mount.requires 1 systemd -1 2 /etc/systemd/system/sys-kernel-debug-tracing.mount.d 1 systemd -1 2 /run/systemd/system/sys-kernel-debug-tracing.mount.d 1 systemd -1 2 /run/systemd/generator/sys-kernel-debug-tracing.mount.d ....
A cikin wannan misalin, yana nuna taƙaitaccen rarrabawar latency I/O diski ta amfani da biolatecency. Bayan aiwatar da umarnin, jira ƴan mintuna kaɗan kuma danna Ctrl-C don ƙare shi kuma duba fitarwa.
$ sudo ./biolatecncy Tracing block device I/O... Hit Ctrl-C to end. ^C usecs : count distribution 0 -> 1 : 0 | | 2 -> 3 : 0 | | 4 -> 7 : 0 | | 8 -> 15 : 0 | | 16 -> 31 : 0 | | 32 -> 63 : 0 | | 64 -> 127 : 0 | | 128 -> 255 : 3 |****************************************| 256 -> 511 : 3 |****************************************| 512 -> 1023 : 1 |************* |
A cikin wannan sashe, za mu matsa zuwa gano sabbin matakai a cikin aiwatarwa ta amfani da kayan aikin execsnoop. A duk lokacin da aka soke tsari ta cokalika()
da exec()
syscalls, ana nuna shi a cikin fitarwa. Duk da haka, ba duk hanyoyin da aka kama ba.
$ sudo ./execsnoop PCOMM PID PPID RET ARGS gnome-screensho 14882 14881 0 /usr/bin/gnome-screenshot --gapplication-service systemd-hostnam 14892 1 0 /lib/systemd/systemd-hostnamed nautilus 14897 2767 -2 /home/tecmint/bin/net usershare info nautilus 14897 2767 -2 /home/tecmint/.local/bin/net usershare info nautilus 14897 2767 -2 /usr/local/sbin/net usershare info nautilus 14897 2767 -2 /usr/local/bin/net usershare info nautilus 14897 2767 -2 /usr/sbin/net usershare info nautilus 14897 2767 -2 /usr/bin/net usershare info nautilus 14897 2767 -2 /sbin/net usershare info nautilus 14897 2767 -2 /bin/net usershare info nautilus 14897 2767 -2 /usr/games/net usershare info nautilus 14897 2767 -2 /usr/local/games/net usershare info nautilus 14897 2767 -2 /snap/bin/net usershare info compiz 14899 14898 -2 /home/tecmint/bin/libreoffice --calc compiz 14899 14898 -2 /home/tecmint/.local/bin/libreoffice --calc compiz 14899 14898 -2 /usr/local/sbin/libreoffice --calc compiz 14899 14898 -2 /usr/local/bin/libreoffice --calc compiz 14899 14898 -2 /usr/sbin/libreoffice --calc libreoffice 14899 2252 0 /usr/bin/libreoffice --calc dirname 14902 14899 0 /usr/bin/dirname /usr/bin/libreoffice basename 14903 14899 0 /usr/bin/basename /usr/bin/libreoffice ...
Yin amfani da ext4slower don gano tsarin fayil na ext4 na gama gari wanda bai wuce 10ms ba, don taimaka mana gano jinkirin diski I/O ta hanyar tsarin fayil.
Yana fitar da waɗannan ayyukan da suka wuce iyaka:
$ sudo ./execslower Tracing ext4 operations slower than 10 ms TIME COMM PID T BYTES OFF_KB LAT(ms) FILENAME 11:59:13 upstart 2252 W 48 1 10.76 dbus.log 11:59:13 gnome-screensh 14993 R 144 0 10.96 settings.ini 11:59:13 gnome-screensh 14993 R 28 0 16.02 gtk.css 11:59:13 gnome-screensh 14993 R 3389 0 18.32 gtk-main.css 11:59:25 rs:main Q:Reg 1826 W 156 60 31.85 syslog 11:59:25 pool 15002 R 208 0 14.98 .xsession-errors 11:59:25 pool 15002 R 644 0 12.28 .ICEauthority 11:59:25 pool 15002 R 220 0 13.38 .bash_logout 11:59:27 dconf-service 2599 S 0 0 22.75 user.BHDKOY 11:59:33 compiz 2548 R 4096 0 19.03 firefox.desktop 11:59:34 compiz 15008 R 128 0 27.52 firefox.sh 11:59:34 firefox 15008 R 128 0 36.48 firefox 11:59:34 zeitgeist-daem 2988 S 0 0 62.23 activity.sqlite-wal 11:59:34 zeitgeist-fts 2996 R 8192 40 15.67 postlist.DB 11:59:34 firefox 15008 R 140 0 18.05 dependentlibs.list 11:59:34 zeitgeist-fts 2996 S 0 0 25.96 position.tmp 11:59:34 firefox 15008 R 4096 0 10.67 libplc4.so 11:59:34 zeitgeist-fts 2996 S 0 0 11.29 termlist.tmp ...
Na gaba, bari mu nutse cikin buga layi a kowane faifai I/O kowane daƙiƙa, tare da cikakkun bayanai kamar ID tsari, yanki, bytes, latency da sauransu ta amfani da biosnoop:
$ sudo ./biosnoop TIME(s) COMM PID DISK T SECTOR BYTES LAT(ms) 0.000000000 ? 0 R -1 8 0.26 2.047897000 ? 0 R -1 8 0.21 3.280028000 kworker/u4:0 14871 sda W 30552896 4096 0.24 3.280271000 jbd2/sda1-8 545 sda W 29757720 12288 0.40 3.298318000 jbd2/sda1-8 545 sda W 29757744 4096 0.14 4.096084000 ? 0 R -1 8 0.27 6.143977000 ? 0 R -1 8 0.27 8.192006000 ? 0 R -1 8 0.26 8.303938000 kworker/u4:2 15084 sda W 12586584 4096 0.14 8.303965000 kworker/u4:2 15084 sda W 25174736 4096 0.14 10.239961000 ? 0 R -1 8 0.26 12.292057000 ? 0 R -1 8 0.20 14.335990000 ? 0 R -1 8 0.26 16.383798000 ? 0 R -1 8 0.17 ...
Bayan haka, muna ci gaba da amfani da cachestat don nuna layi ɗaya na taƙaitaccen ƙididdiga daga ma'ajin tsarin kowane sakan. Wannan yana ba da damar ayyukan daidaita tsarin ta hanyar nuna ƙarancin cache hit rabo da babban adadin asarar:
$ sudo ./cachestat HITS MISSES DIRTIES READ_HIT% WRITE_HIT% BUFFERS_MB CACHED_MB 0 0 0 0.0% 0.0% 19 544 4 4 2 25.0% 25.0% 19 544 1321 33 4 97.3% 2.3% 19 545 7476 0 2 100.0% 0.0% 19 545 6228 15 2 99.7% 0.2% 19 545 0 0 0 0.0% 0.0% 19 545 7391 253 108 95.3% 2.7% 19 545 33608 5382 28 86.1% 13.8% 19 567 25098 37 36 99.7% 0.0% 19 566 17624 239 416 96.3% 0.5% 19 520 ...
Kula da haɗin TCP kowane daƙiƙa ta amfani da tcpconnect. Fitowar ta ya haɗa da adireshin tushe da inda za a nufa, da lambar tashar jiragen ruwa. Wannan kayan aikin yana da amfani don gano hanyoyin haɗin TCP na ba zato, ta haka yana taimaka mana gano rashin aiki a cikin saitunan aikace-aikacen ko maharin.
$ sudo ./tcpconnect PID COMM IP SADDR DADDR DPORT 15272 Socket Threa 4 10.0.2.15 91.189.89.240 80 15272 Socket Threa 4 10.0.2.15 216.58.199.142 443 15272 Socket Threa 4 10.0.2.15 216.58.199.142 80 15272 Socket Threa 4 10.0.2.15 216.58.199.174 443 15272 Socket Threa 4 10.0.2.15 54.200.62.216 443 15272 Socket Threa 4 10.0.2.15 54.200.62.216 443 15272 Socket Threa 4 10.0.2.15 117.18.237.29 80 15272 Socket Threa 4 10.0.2.15 216.58.199.142 80 15272 Socket Threa 4 10.0.2.15 216.58.199.131 80 15272 Socket Threa 4 10.0.2.15 216.58.199.131 443 15272 Socket Threa 4 10.0.2.15 52.222.135.52 443 15272 Socket Threa 4 10.0.2.15 216.58.199.131 443 15272 Socket Threa 4 10.0.2.15 54.200.62.216 443 15272 Socket Threa 4 10.0.2.15 54.200.62.216 443 15272 Socket Threa 4 10.0.2.15 216.58.199.132 443 15272 Socket Threa 4 10.0.2.15 216.58.199.131 443 15272 Socket Threa 4 10.0.2.15 216.58.199.142 443 15272 Socket Threa 4 10.0.2.15 54.69.17.198 443 15272 Socket Threa 4 10.0.2.15 54.69.17.198 443 ...
Hakanan ana iya amfani da duk kayan aikin da ke sama tare da zaɓuɓɓuka daban-daban, don kunna shafin taimako don kayan aikin da aka bayar, yi amfani da zaɓin -h
, misali:
$ sudo ./tcpconnect -h usage: tcpconnect [-h] [-t] [-p PID] [-P PORT] Trace TCP connects optional arguments: -h, --help show this help message and exit -t, --timestamp include timestamp on output -p PID, --pid PID trace this PID only -P PORT, --port PORT comma-separated list of destination ports to trace. examples: ./tcpconnect # trace all TCP connect()s ./tcpconnect -t # include timestamps ./tcpconnect -p 181 # only trace PID 181 ./tcpconnect -P 80 # only trace port 80 ./tcpconnect -P 80,81 # only trace port 80 and 81
Don gano gazawar exec() s syscals, yi amfani da zaɓin -x
tare da opensnoop kamar ƙasa:
$ sudo ./opensnoop -x PID COMM FD ERR PATH 15414 pool -1 2 /home/.hidden 15415 (ostnamed) -1 2 /sys/fs/cgroup/cpu/system.slice/systemd-hostnamed.service/cgroup.procs 15415 (ostnamed) -1 2 /sys/fs/cgroup/cpu/system.slice/cgroup.procs 15415 (ostnamed) -1 2 /sys/fs/cgroup/cpuacct/system.slice/systemd-hostnamed.service/cgroup.procs 15415 (ostnamed) -1 2 /sys/fs/cgroup/cpuacct/system.slice/cgroup.procs 15415 (ostnamed) -1 2 /sys/fs/cgroup/blkio/system.slice/systemd-hostnamed.service/cgroup.procs 15415 (ostnamed) -1 2 /sys/fs/cgroup/blkio/system.slice/cgroup.procs 15415 (ostnamed) -1 2 /sys/fs/cgroup/memory/system.slice/systemd-hostnamed.service/cgroup.procs 15415 (ostnamed) -1 2 /sys/fs/cgroup/memory/system.slice/cgroup.procs 15415 (ostnamed) -1 2 /sys/fs/cgroup/pids/system.slice/systemd-hostnamed.service/cgroup.procs 2548 compiz -1 2 15416 systemd-cgroups -1 2 /run/systemd/container 15416 systemd-cgroups -1 2 /sys/fs/kdbus/0-system/bus 15415 systemd-hostnam -1 2 /run/systemd/container 15415 systemd-hostnam -1 13 /proc/1/environ 15415 systemd-hostnam -1 2 /sys/fs/kdbus/0-system/bus 1695 dbus-daemon -1 2 /run/systemd/users/0 15415 systemd-hostnam -1 2 /etc/machine-info 15414 pool -1 2 /home/tecmint/.hidden 15414 pool -1 2 /home/tecmint/Binary/.hidden 2599 dconf-service -1 2 /run/user/1000/dconf/user ...
Misali na ƙarshe da ke ƙasa yana nuna yadda ake aiwatar da aikin gano al'ada. Muna neman wani tsari ta amfani da PID ɗin sa.
Da farko ƙayyade ID ɗin tsari:
$ pidof firefox 15437
Daga baya, gudanar da umarnin bin diddigin al'ada. A cikin umarnin da ke ƙasa: -p
yana ƙayyadadden ID na tsari, do_sys_open()
aiki ne na kernel wanda aka gano da ƙarfi gami da hujjarsa ta biyu azaman kirtani.
$ sudo ./trace -p 4095 'do_sys_open "%s", arg2' TIME PID COMM FUNC - 12:17:14 15437 firefox do_sys_open /run/user/1000/dconf/user 12:17:14 15437 firefox do_sys_open /home/tecmint/.config/dconf/user 12:18:07 15437 firefox do_sys_open /run/user/1000/dconf/user 12:18:07 15437 firefox do_sys_open /home/tecmint/.config/dconf/user 12:18:13 15437 firefox do_sys_open /sys/devices/system/cpu/present 12:18:13 15437 firefox do_sys_open /dev/urandom 12:18:13 15437 firefox do_sys_open /dev/urandom 12:18:14 15437 firefox do_sys_open /usr/share/fonts/truetype/liberation/LiberationSans-Italic.ttf 12:18:14 15437 firefox do_sys_open /usr/share/fonts/truetype/liberation/LiberationSans-Italic.ttf 12:18:14 15437 firefox do_sys_open /usr/share/fonts/truetype/liberation/LiberationSans-Italic.ttf 12:18:14 15437 firefox do_sys_open /sys/devices/system/cpu/present 12:18:14 15437 firefox do_sys_open /dev/urandom 12:18:14 15437 firefox do_sys_open /dev/urandom 12:18:14 15437 firefox do_sys_open /dev/urandom 12:18:14 15437 firefox do_sys_open /dev/urandom 12:18:15 15437 firefox do_sys_open /sys/devices/system/cpu/present 12:18:15 15437 firefox do_sys_open /dev/urandom 12:18:15 15437 firefox do_sys_open /dev/urandom 12:18:15 15437 firefox do_sys_open /sys/devices/system/cpu/present 12:18:15 15437 firefox do_sys_open /dev/urandom 12:18:15 15437 firefox do_sys_open /dev/urandom ....
Takaitawa
BCC kayan aiki ne mai ƙarfi kuma mai sauƙin amfani don ayyuka daban-daban na gudanarwar tsarin kamar bin diddigin tsarin aiwatarwa, gano na'urar I/O, ayyukan TCP, ayyukan tsarin fayil, syscalls, binciken Node.js, da ƙari mai yawa. Mahimmanci, yana shigo da fayiloli da yawa da kuma shafukan mutum don kayan aikin da zasu jagorance ku, yana mai da shi abokantaka da aminci.
A ƙarshe amma ba kalla ba, zaku iya dawowa gare mu ta hanyar raba ra'ayoyinku game da batun, yin tambayoyi, ba da shawarwari masu amfani ko duk wani ra'ayi mai ma'ana ta hanyar sharhin da ke ƙasa.
Don ƙarin bayani da ziyarar amfani: https://iovisor.github.io/bcc/